CVE-2023-53400 - Vulnerability Details

In the Linux kernel, the following vulnerability has been resolved:

ALSA: hda: Fix Oops by 9.1 surround channel names

get_line_out_pfx() may trigger an Oops by overflowing the static array
with more than 8 channels. This was reported for MacBookPro 12,1 with
Cirrus codec.

As a workaround, extend for the 9.1 channels and also fix the
potential Oops by unifying the code paths accessing the same array
with the proper size check.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

No data.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://git.kernel.org/stable/c/082dcd51667b29097500c824c37f24da997a6a8a
https://git.kernel.org/stable/c/3b44ec8c5c44790a82f07e90db45643c762878c6
https://git.kernel.org/stable/c/4ef155ddf9578bf035964d58739fdcd7dd44b4a4
https://git.kernel.org/stable/c/546b1f5f45a355ae0d3a8041cdaca597dfcac825
https://git.kernel.org/stable/c/b5694aae4c2d9a288bafce7d38f122769e0428e6
https://git.kernel.org/stable/c/dc8c569d59f17b17d7bca4f68c36bd571659921e
https://git.kernel.org/stable/c/e8c7d7c43d5edd20e518fe1dfb2371d1fe6e8bb8
https://git.kernel.org/stable/c/fcf637461019e9a5a0c12fc5c42a9db1779b0634

History

Thu, 18 Sep 2025 13:45:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: Fix Oops by 9.1 surround channel names get_line_out_pfx() may trigger an Oops by overflowing the static array with more than 8 channels. This was reported for MacBookPro 12,1 with Cirrus codec. As a workaround, extend for the 9.1 channels and also fix the potential Oops by unifying the code paths accessing the same array with the proper size check.
Title		ALSA: hda: Fix Oops by 9.1 surround channel names
References		https://git.kernel.org/stable/c/082dcd51667b29097500c824c37f24da997a6a8a https://git.kernel.org/stable/c/3b44ec8c5c44790a82f07e90db45643c762878c6 https://git.kernel.org/stable/c/4ef155ddf9578bf035964d58739fdcd7dd44b4a4 https://git.kernel.org/stable/c/546b1f5f45a355ae0d3a8041cdaca597dfcac825 https://git.kernel.org/stable/c/b5694aae4c2d9a288bafce7d38f122769e0428e6 https://git.kernel.org/stable/c/dc8c569d59f17b17d7bca4f68c36bd571659921e https://git.kernel.org/stable/c/e8c7d7c43d5edd20e518fe1dfb2371d1fe6e8bb8 https://git.kernel.org/stable/c/fcf637461019e9a5a0c12fc5c42a9db1779b0634

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2025-09-18T13:33:40.338Z

Updated: 2025-09-18T13:33:40.338Z

Reserved: 2025-09-17T14:54:09.738Z

Link: CVE-2023-53400

Vulnrichment

No data.

NVD

Status : Received

Published: 2025-09-18T14:15:43.293

Modified: 2025-09-18T14:15:43.293

Link: CVE-2023-53400

Redhat

No data.

OpenCVE Enrichment

No data.

Metrics

Affected Vendors & Products

Metrics

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object

JSON object